JaffaCakes118_92cedf6f06764869cbdfe35e45e971cf | Triage

Sharing

General

Target

JaffaCakes118_92cedf6f06764869cbdfe35e45e971cf
Size

167KB
MD5

92cedf6f06764869cbdfe35e45e971cf
SHA1

c0e6a9511e13c90a9b220a10566405b5a29f77f9
SHA256

4c614436b483e1eed06866f9b7c318e9e72b2fe450b7d09a5e6caa434179ab51
SHA512

cbb1dee0e56b1f4cb2e27bd709189aad042266591c1237873cbc2cd0738c8138f42fb1df41ac99fa037d4bf12f6464ddd94169275e3f81e6208df90a083e463c
SSDEEP

3072:dCOWflR2j4H2YM2CJ8MU6NrNAx/ivJq/QfOE8pM7L+o7gMw:b1j4H2YmNVNBAQI/QfoO7LGt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_92cedf6f06764869cbdfe35e45e971cf

Files

JaffaCakes118_92cedf6f06764869cbdfe35e45e971cf
.exe windows:4 windows x86 arch:x86

48259d40eea2918278f10fb0b4c2b92f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

GetTickCount
lstrcpyA
LockResource
lstrcpyA
CheckRemoteDebuggerPresent
GetACP
OutputDebugStringW
GetLastError
lstrcpyW
GetCPInfo
EnumResourceNamesA
lstrlenW
MultiByteToWideChar
lstrcmpiW
FindClose
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
GlobalAlloc
GlobalFree
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

user32

CharNextW
wsprintfW
PostThreadMessageW
KillTimer
SetTimer
GetDC
CharUpperW
SendMessageW
DispatchMessageW
TranslateMessage
GetMessageW
UnregisterClassA

ole32

CoTaskMemFree
CoInitialize
CoRegisterClassObject
CoUninitialize
CoTaskMemRealloc
CoRevokeClassObject
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
StringFromCLSID

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ